Enhance auth JSONRPC, now provides persistent output

Implements - Auth.Generate("user") - Auth.Fetch("user") - Auth.Reset("user") This patch also adds testing for each of these cases
2025-11-23 11:07:50 -05:00 · 2015-09-18 02:59:57 -07:00
parent 51652c38cb
commit f8bb85aeb7
6 changed files with 222 additions and 26 deletions
--- a/pkg/controller/rpc/auth.go
+++ b/pkg/controller/rpc/auth.go
@@ -17,7 +17,10 @@
 package rpc

 import (
+	"errors"
 	"net/http"
+	"os"
+	"strings"

 	"github.com/minio/minio/pkg/auth"
 	"github.com/minio/minio/pkg/probe"
@@ -26,29 +29,126 @@ import (
 // AuthService auth service
 type AuthService struct{}

-// AuthReply reply with new access keys and secret ids
-type AuthReply struct {
-	AccessKeyID     string `json:"accesskey"`
-	SecretAccessKey string `json:"secretaccesskey"`
+// AuthArgs auth params
+type AuthArgs struct {
+	User string `json:"user"`
 }

-func getAuth(reply *AuthReply) *probe.Error {
-	accessID, err := auth.GenerateAccessKeyID()
+// AuthReply reply with new access keys and secret ids
+type AuthReply struct {
+	Name            string `json:"name"`
+	AccessKeyID     string `json:"accessKeyId"`
+	SecretAccessKey string `json:"secretAccessKey"`
+}
+
+// generateAuth generate new auth keys for a user
+func generateAuth(args *AuthArgs, reply *AuthReply) *probe.Error {
+	config, err := auth.LoadConfig()
+	if err != nil {
+		if os.IsNotExist(err.ToGoError()) {
+			// Initialize new config, since config file doesn't exist yet
+			config = &auth.Config{}
+			config.Version = "0.0.1"
+			config.Users = make(map[string]*auth.User)
+		} else {
+			return err.Trace()
+		}
+	}
+	if _, ok := config.Users[args.User]; ok {
+		return probe.NewError(errors.New("Credentials already set, if you wish to change this invoke Reset() method"))
+	}
+	accessKeyID, err := auth.GenerateAccessKeyID()
 	if err != nil {
 		return err.Trace()
 	}
-	reply.AccessKeyID = string(accessID)
-	secretID, err := auth.GenerateSecretAccessKey()
+	reply.AccessKeyID = string(accessKeyID)
+
+	secretAccessKey, err := auth.GenerateSecretAccessKey()
 	if err != nil {
 		return err.Trace()
 	}
-	reply.SecretAccessKey = string(secretID)
+	reply.SecretAccessKey = string(secretAccessKey)
+	config.Users[args.User] = &auth.User{
+		Name:            args.User,
+		AccessKeyID:     string(accessKeyID),
+		SecretAccessKey: string(secretAccessKey),
+	}
+	if err := auth.SaveConfig(config); err != nil {
+		return err.Trace()
+	}
 	return nil
 }

-// Get auth keys
-func (s *AuthService) Get(r *http.Request, args *Args, reply *AuthReply) error {
-	if err := getAuth(reply); err != nil {
+// fetchAuth fetch auth keys for a user
+func fetchAuth(args *AuthArgs, reply *AuthReply) *probe.Error {
+	config, err := auth.LoadConfig()
+	if err != nil {
+		return err.Trace()
+	}
+	if _, ok := config.Users[args.User]; !ok {
+		return probe.NewError(errors.New("User not found"))
+	}
+	reply.AccessKeyID = config.Users[args.User].AccessKeyID
+	reply.SecretAccessKey = config.Users[args.User].SecretAccessKey
+	return nil
+}
+
+// resetAuth reset auth keys for a user
+func resetAuth(args *AuthArgs, reply *AuthReply) *probe.Error {
+	config, err := auth.LoadConfig()
+	if err != nil {
+		return err.Trace()
+	}
+	if _, ok := config.Users[args.User]; !ok {
+		return probe.NewError(errors.New("User not found"))
+	}
+	accessKeyID, err := auth.GenerateAccessKeyID()
+	if err != nil {
+		return err.Trace()
+	}
+	reply.AccessKeyID = string(accessKeyID)
+	secretAccessKey, err := auth.GenerateSecretAccessKey()
+	if err != nil {
+		return err.Trace()
+	}
+	reply.SecretAccessKey = string(secretAccessKey)
+
+	config.Users[args.User] = &auth.User{
+		Name:            args.User,
+		AccessKeyID:     string(accessKeyID),
+		SecretAccessKey: string(secretAccessKey),
+	}
+	return auth.SaveConfig(config).Trace()
+}
+
+// Generate auth keys
+func (s *AuthService) Generate(r *http.Request, args *AuthArgs, reply *AuthReply) error {
+	if strings.TrimSpace(args.User) == "" {
+		return errors.New("Invalid argument")
+	}
+	if err := generateAuth(args, reply); err != nil {
+		return probe.WrapError(err)
+	}
+	return nil
+}
+
+// Fetch auth keys
+func (s *AuthService) Fetch(r *http.Request, args *AuthArgs, reply *AuthReply) error {
+	if strings.TrimSpace(args.User) == "" {
+		return errors.New("Invalid argument")
+	}
+	if err := fetchAuth(args, reply); err != nil {
+		return probe.WrapError(err)
+	}
+	return nil
+}
+
+// Reset auth keys, generates new set of auth keys
+func (s *AuthService) Reset(r *http.Request, args *AuthArgs, reply *AuthReply) error {
+	if strings.TrimSpace(args.User) == "" {
+		return errors.New("Invalid argument")
+	}
+	if err := resetAuth(args, reply); err != nil {
 		return probe.WrapError(err)
 	}
 	return nil
--- a/pkg/controller/rpc/version.go
+++ b/pkg/controller/rpc/version.go
@@ -18,7 +18,8 @@ package rpc

 import (
 	"net/http"
-	"time"
+
+	"github.com/minio/minio/pkg/version"
 )

 // Args basic json RPC params
@@ -29,7 +30,7 @@ type Args struct {
 // VersionReply version reply
 type VersionReply struct {
 	Version   string `json:"version"`
-	BuildDate string `json:"build-date"`
+	BuildDate string `json:"buildDate"`
 }

 // VersionService -
@@ -38,8 +39,9 @@ type VersionService struct{}
 func getVersion() string {
 	return "0.0.1"
 }
+
 func getBuildDate() string {
-	return time.Now().UTC().Format(http.TimeFormat)
+	return version.Version
 }

 func setVersionReply(reply *VersionReply) {